[Bug]: occ cli throws error in VM with mounted data directory

[jshore1296]

⚠️ This issue respects the following points: ⚠️

• This is a bug, not a question or a configuration/webserver/proxy issue.
• This issue is not already reported on Github OR Nextcloud Community Forum (I've searched it).
• Nextcloud Server is up to date. See Maintenance and Release Schedule for supported versions.
• I agree to follow Nextcloud's Code of Conduct.

Bug description

My data directory is owned by a separate user, not www-data. This cannot be changed because it is mounted by VMWare, but as of 29.0.0, occ throws an error because www-data doesn't own the data directory. The error is "Console has to be executed with the user that owns the data directory"

I added www-data to the appropriate groups so it is able to see the directory. However, I cannot completely upgrade nextcloud or run any occ commands.

Further, I am now seeing ".htaccess is not working" on the server page after upgrading to 29.0.0. I did not see this error on 28.0.4, and I haven't changed any of the config. I'm suspicious this is the same cause. my .htaccess is not owned by www-data, though www-data is in the same group as is on the file.

Steps to reproduce

1. mount a data directory inside a vm that is not owned by www-data
2. add www-data to the group to be able to read the directory
3. see errors as noted above.

Expected behavior

For these errors to not occur!

Installation method

Community VM appliance

Nextcloud Server version

29

Operating system

Debian/Ubuntu

PHP engine version

PHP 8.1

Web server

Apache (supported)

Database engine version

PostgreSQL

Is this bug present after an update or on a fresh install?

Upgraded to a MAJOR version (ex. 22 to 23)

Are you using the Nextcloud Server Encryption module?

Encryption is Disabled

What user-backends are you using?

• Default user-backend (database)
• LDAP/ Active Directory
• SSO - SAML
• Other

Configuration report

Cannot run, as noted above.

List of activated Apps

Cannot run.

Nextcloud Signing status

No errors have been found.

Nextcloud Logs

No response

Additional info

No response

[jshore1296]

To explain a bit more about the occ error -

I am using the nextcloud/vm setup. I think it uses the nextcloud_occ script to do everything with occ, which automatically runs it as www-data. All of those commands are failing since the mounted data directory cannot be owned by www-data.

I'm not sure what's causing the .htaccess issue. It doesn't show the error on 28.0.4, and when I update to 29, it does show it. My data directory is not in the web root, even though the error seems to indicate that it is.

[beachmountain]

I am having a similar issue. After upgrading to 29.0.0 I am no longer able to run any occ command (which I was able to do just 10 min ago when upgrading to latest 28 version). My nextcloud folder is located on a mounted NAS disk where all folders are owned by www-data. It seems however that Nextcloud now does not think the www-data user on the mounted disk is the same user as the regular www-data user. I always first su to the www-data user like this:

sudo su -l www-data -s /bin/bash

and then run occ commands:

www-data@raven:/media/nas/www/nextcloud$ ./occ db:add-missing-indices

Console has to be executed with the user that owns the data directory Current user id: 33 Owner id of the data directory: 65534 Try adding 'sudo -u #65534' to the beginning of the command (without the single quotes)

The suggested solution does not work, since the #65534 user seems to evaulate to the root user, which cannot run occ due to the permissions.

It also seems like cronjobs are no longer running, and when trying to run cron.php as the www-data user, it does not work, giving the same error as above.

[vwvierhundertzwoelf]

I am having exactly the same issue as @beachmountain with the nextcloud data folder mounted on a nas, after upgrading to 29.0.0

[enoch85]

Can't do a clean installation either.

[memoryleak]

My installation is broken after update because of this:

Console has to be executed with the user that owns the data directory Current user id: 1000 Owner id of the data directory: 1001 Try adding 'sudo -u #1001' to the beginning of the command (without the single quotes) If running with 'docker exec' try adding the option '-u 1001' to the docker command (without the single quotes)

Data folder is on a NFS share that is writable.

[joshtrichards]

Presumably related to #27613 though I don't see why this would be triggering now if it wasn't already before...

EDIT: Oh I missed the other commit. Yes, presumably config.php ownership was/is fine in the environments this is triggering.

[enoch85]

@joshtrichards I fixed the installation part by chowning /var/www/nextcloud/data to www:data before the installation. It seems like NC 29 expects that - even if we don't use that location at all for the data. Datastore i my case is /mnt/ncdata.

[vwvierhundertzwoelf]

@joshtrichards I fixed the installation part by chowning /var/www/nextcloud/data to www:data before the installation. It seems like NC 29 expects that - even if we don't use that location at all for the data. Datastore i my case is /mnt/ncdata.

But the problem with the /mnt/data location still persists.
In my case its on a windows machine and i have write permissions. But because its on a windows machine the owner of the folder is always 0, so chown does not make any difference. With 28.0.5 this works flawlessly, when i add 'check_data_directory_permissions' => false, to the config.php, with 29.0.0 this seems not to work anymore.

[enoch85]

@joshtrichards I fixed the installation part by chowning /var/www/nextcloud/data to www:data before the installation. It seems like NC 29 expects that - even if we don't use that location at all for the data. Datastore i my case is /mnt/ncdata.

But the problem with the /mnt/data location still persists. In my case its on a windows machine and i have write permissions. But because its on a windows machine the owner of the folder is always 0, so chown does not make any difference. With 28.0.5 this works flawlessly, when i add 'check_data_directory_permissions' => false, to the config.php, with 29.0.0 this seems not to work anymore.

The main issue here is that Nextcloud expects everyone to save stuff in the "default" data path and doesn't care about the config value in config.php. I don't think it should check for permissions at all before Nextcloud is installed with occ.

[miccgn]

+1 from me. Same problem with an NFS share. NC ran fine with the very same setup for years, now OCC complains about using the wrong user. However, www-data owns the NC directories, has all permissions on the /mnt/data directory - but I cannot chown to that user, as the doesn't even exist on the NFS server.

It simply doesn't make sense OCC tries to check this - or at least offer an override for that.

[jewettmatt]

+1 here with a similar setup. Been running nextcloud on a Debian VM with data saved to an external drive for years with no issues. After the nc29 update I can no longer execute any occ commands as www-data. I had to switch my background jobs to AJAX, since cron can no longer execute them as www-data.

[jtackaberry]

Just throwing mine onto the pile. Kubernetes hosted here, nextcloud runs as uid 10020, PV is mounted as PVs are always mounted: owned by root, but group-owned by nextcloud with the setgid bit set:

drwxrws---   10 root     10020           14 Mar 31 17:33 data

[jewettmatt]

+1 here with a similar setup. Been running nextcloud on a Debian VM with data saved to an external drive for years with no issues. After the nc29 update I can no longer execute any occ commands as www-data. I had to switch my background jobs to AJAX, since cron can no longer execute them as www-data.

Updated to version 29.0.1 and occ commands are working as www-data again.

[szaimen]

Yes, should be fixed with 29.0.1